41912f7d4f33c906a74a952afa5a9701_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41912f7d4f33c906a74a952afa5a9701_JaffaCakes118
Size

211KB
MD5

41912f7d4f33c906a74a952afa5a9701
SHA1

700918794778844905ebeba1d74ab0f8005a6b3a
SHA256

0a263a5e3ccbca44befadf95a5e9f3cf937e1c476f0b0ae5cfca7fb93ae0cc08
SHA512

097d72d94ad6c6fae340a2df56c8abbb0c7ca5f672be6a0a62a9a392b6bc8b9febc9c69f94bbae537c94fb3093cc1ab6fa37980b4f11245e4f7ba320bd906257
SSDEEP

6144:cycESbIbx4oJP5Ancts+vYL0z2nk9XzSj:yESbI1knc/vY22nW2j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41912f7d4f33c906a74a952afa5a9701_JaffaCakes118

Files

41912f7d4f33c906a74a952afa5a9701_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75f3047bc25b41c12a9105756e6b8f39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocStringLen
RegisterTypeLib
VariantCopyInd
SafeArrayGetUBound
OleLoadPicture
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SysStringLen

kernel32

LoadLibraryA
VirtualAllocEx
MoveFileA
GetThreadLocale
ExitProcess
GetModuleHandleA
HeapDestroy
GetACP
lstrcatA
IsBadReadPtr

gdi32

CreateBitmap
SaveDC
GetBkColor
CreateCompatibleBitmap
CreateDIBSection
CreateDIBitmap
GetTextAlign
SetTextColor
SetBkMode

comctl32

ImageList_DrawEx
ImageList_Read
ImageList_Destroy
ImageList_Draw
ImageList_Add
ImageList_GetBkColor

user32

ReleaseCapture
CreatePopupMenu
GetMenu
RemoveMenu
RegisterWindowMessageA
KillTimer
ReleaseDC

Exports

Exports

_mvWtGIOjTa46d
_EsIEYTg2svF65n@20

Sections

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ